class PermissionController < ApplicationController
    layout  'framework',:except=>[:login]

    def login
        case @request.method
        when :post
            if @session[:account] = Account.authenticate(@params[:account_login], @params[:account_password])
                flash['notice']  = "登录成功"
                redirect_to '/welcome'
            else
                flash['notice']  = "<font color='red'>用户登录失败，请检查用户名/密码或用户状态</font>"
            end
        end
    end

    def signup
        @account = Account.new(@params[:account])

        if @request.post? and @account.save
            @session[:account] = Account.authenticate(@account.login, @params[:account][:password])
            flash['notice']  = "Signup successful,id is #{@account.id}"
            redirect_back_or_default :action => "welcome"
        end
    end  

    def logout
        @session[:account] = nil
        redirect_to '/'
    end

    def welcome
    end

end
